CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
88.7%
Versions of Google Chrome earlier than 21.0.1180.89 are potentially affected by the following vulnerabilities :
An out-of-bounds read error exists related to line-breaking. (CVE-2012-2865)
Variable casting errors exist related to ‘run-ins’ and XSL transformations. (CVE-2012-2866, CVE-2012-2871)
An unspecified error exists related to the SPDY protocol that can result in application crashes. (CVE-2012-2867)
A unspecified race condition exists related to ‘workers’ and XHR. (CVE-2012-2868)
An unspecified error exists related to stale buffers and URL loading. (CVE-2012-2869)
Memory management issues exist related to XPath processing. (CVE-2012-2870)
Cross-site scripting is possible during the SSL interstitial process. (CVE-2012-2872)
Successful exploitation of any of these issue could lead to an application crash or even allow arbitrary code execution, subject to the user’s privileges.
Binary data 6563.pasl